Managing Secrets with Chef

Managing infrastructure requires you to coordinate interactions between applications and individuals. Enabling secure communication between the two relies on a number of systems trusting one another. In practice, this means distributing keys, passwords, and certificates. Handling these secrets securely can definitely be a challenge.

In this webinar, Franklin Webber, a training and technical content lead at Chef, will explain why it is important to manage secrets and how you can do it with Chef and tools such as encrypted data bags and Chef Vault. When you're done, you'll see why security through encryption is preferable to security through obscurity, be able to safely manage secrets with Chef, and know where to go to learn even more.

You’ve probably found that the many tests you write for all your cookbooks require as much or more effort than maintaining the cookbooks themselves. You’ve also probably noticed that there’s quite a bit of boilerplate code required to verify all the recipes, resources, and helpers. The consequence is that much of your test code is duplicated from one cookbook to another.

In this webinar, Franklin Webber, Training and Technical Content Lead at Chef, will show you techniques that bring elegance to a cookbook’s tests. You’ll learn how to eliminate redundancy, rebuild common patterns into helpers, and extract those helpers into a portable library.

It's hard enough for a company to run its own services reliably - there are entire volumes of work written on how to do it. When you’re a vendor to other groups in your own company, you add even more complexity when you dogfood software; the practice of testing and using the same software you ship to customers. At Chef, we decided to dogfood our own products along with several new technology components simultaneously. It was an educational experience!

In this webinar, Chef Principal Engineer Seth Chisamore shares how his team learned to dogfood software for the Package Router project, which is a service used to distribute every product Chef Software Inc ships. Our software was still under development and the team used dogfooding not just as quality control but as a way to demonstrate their confidence in its stability. He'll talk about lessons learned and how the team leveraged several Chef products--including Habitat, InSpec, and Chef Automate--in tandem with a new technology stack to make sure our software is always ready to release to customers.

Join us to learn:

- The value of including automated tests as part of a build pipeline
- How we use our own open-source and commercial products at Chef to serve up our software to the world
- How to leverage new technologies safely and at velocity

Containers provide a delightful development experience. It’s easy to download a container image and get started writing code. But it’s a different story when you have to run containers in production at scale. That’s when all the hidden complexities become apparent and the real challenges begin. What tools are you going to use to build, deploy, run, and manage your containerized applications? How are you going to manage difference between environments like staging and production with a fleet of immutable objects? How will you effectively scale containerized applications once you’ve deployed them?

Habitat, our open-source project for application automation, simplifies container management by packaging applications in a compact, atomic, and easily auditable format that makes it easier to deploy your application on various container runtimes. Once your applications are deployed, the Habitat supervisor simplifies the complexities of running in production environments with built-in abstractions for functions typically handled by external tooling, such as dynamic scaling and rolling updates.

Join Ian Henry and Michael Ducy on Friday, December 9th at 10:00 AM PT, to learn how Habitat makes building, deploying, and running your applications in containers simple, no matter how complex the production environment.

Join us to learn:
- Why automation is critical to deploying in a containerized world and how - Habitat provides the minimum viable automation.
- Why a strong container build system is important, and how the Habitat studio provides that system.
- Why Habitat is the easiest way to build and run containers at scale, no matter the underlying container architecture.

Who should attend:
- Anyone new to containers
- Anyone challenged by running containers in production at scale

Chef recently completed a migration of the entire of hosted Chef service, one of the largest implementations of Chef server in the world. We moved from an on-premises, third-party data center to running entirely in AWS with only 20 seconds of downtime.

If you’re planning a complex migration of your own, or are just curious, join us for part two of our "Chef on Chef" series, Migrating Critical Workloads to AWS, to learn about how we did it. Jessica DeVita, Technical Evangelist at Chef, will chat with Paul Mooring, Operations Manager at Chef, about this multi-faceted operation. Jessica and Paul will cover topics such as defining and redefining a minimum viable product (MVP), load testing, dogfooding all the Chef things, using pipelines to manage machine image generation, failed monitoring solutions, the use of policy files, and lessons learned along the way.

This webinar features an extended Q&A session, so come prepared with your Chef migration questions.

Join us to learn:
- How Chef’s Operations team migrated from an on premises datacenter to AWS with just 20 seconds of downtime
- How we adapted our application deployments for the cloud
- Tips for managing large-scale migration projects

There are many existing solutions for distributing secrets or sensitive information with configuration management tools like Chef. Between node attributes, encrypted data bags, and third-party services, the possibilities are truly endless.

One such solution is to utilize a secrets management system, like HashiCorp's Vault. This webinar discusses multiple techniques for retrieving secrets from Vault using Chef. As infrastructure increases in complexity, so to does our need to secure it. Join us to learn how you can use Chef and Vault to secure your infrastructure and accelerate application delivery.

Join us to learn:
- Overview and architecture of HashiCorp's Vault
- Strategies for integrating Vault with Chef
- Common patterns to adopt and anti-patterns to avoid

Chef Certification provides a mechanism for individuals to demonstrate their knowledge and practical experience with Chef, allowing them to enhance their marketability. The program also provides a learning path for each badge with well defined achievements and progression milestones.

In this webinar, we will talk about Chef’s modular and flexible approach to certification. We’ll explain why we use “badges” and how this allows us to be agile to change within Chef’s product portfolio and evolution of the wider ecosystem.

Join us to learn:
- How the Chef Certification framework is structured
- The Chef Certification user experience
- How to prepare for Chef Certification

Who should attend:
This webinar is intended for anyone who wants to learn more about the Chef Certification program, its technical depth and how to get started with it.

InSpec is an open-source testing framework with a human-readable language for specifying compliance, security and other policy requirements. Just as Chef treats infrastructure as code, InSpec treats compliance as code. The shift away from having people act directly on machines to having people act on code means that compliance testing becomes automated, repeatable, and versionable.

Traditionally, compliance policies are stored in a spreadsheet, PDF, or Word document. Those policies are then translated into manual processes and tests that often occur only after a product is developed or deployed. With InSpec, you replace abstract policy descriptions with tangible tests that have a clear intent, and can catch any issues early in the development process. You can apply those tests to every environment across your organization to make sure that they all adhere to policy and are consistent with compliance requirements.

Inspec applies DevOps principles to security and risk management. It provides a single collaborative testing framework allowing you to create a code base that is accessible to everyone on your team. Compliance tests can become part of an automated deployment pipeline and be continuously applied. InSpec can be integrated into your software development process starting from day zero and should be applied continuously as a part of any CI/CD lifecycle.

In this webinar, we’ll explore how InSpec can improve compliance across your applications and infrastructure.

Many companies want to break down the silos that separate different teams in their organization but find that the lack of a common approach to automation presents a formidable challenge. At Chef, we had that very problem when we realized that, to effectively demo our then unreleased product Chef Automate, we needed to automate its installation. The automation not only had to bring up a standard Chef Automate cluster, but it also had to make it easy for many different teams at Chef to layer on top of it so they could tailor the demo to their own purposes.

In this webinar, Chef technical evangelists Jessica DeVita, Andre Elizondo, and Seth Thomas will discuss what folks at Chef learned about bringing different groups together to create something that everyone can use.They’ll talk about using tools besides Chef, leveraging test-driven development methods, and dogfooding through automation. You’ll also learn how the automation, nicknamed “wombat” is evolving, and why it’s important to implement pipelines early.

Join us to hear about:
- The lessons we learned while trying to enable a culture of automation within Chef
- How avoiding orchestration solved several challenges (and presented new ones!)
- The methods we used when building extendable automation

It can be difficult to hire people with the exact skills you want or need for your DevOps team. Just look at the job boards! There’s tons of competition and not nearly enough people to meet the demand. With a total size of 8 employees, DNSimple decided to take a different approach by starting an apprenticeship program to train people with little to no experience in DevOps.

In this webinar, Aaron Kalin of DNSimple goes over the lessons learned in budgeting, hiring, and onboarding their first ever apprentice along with why and how you might want to start a similar program at your company. Aaron will conclude with an update of where their apprentice is now and answer any questions you might have.

Join us to learn:

- Ways to change your hiring practices to be more inclusive and increase diversity
- How to go about starting an apprenticeship program at your company and who is currently running programs
- The benefits of having a DevOps apprenticeship program at your company

Each year a number of awesome Chefs receive special recognition from the community for the work that they do to help the community thrive. In this webinar Nathen Harvey, VP of Community Development, will sit down with this year's Awesome Community Chefs and talk about what makes the Chef Community special and discuss the upcoming Chef Community Summits.

Chef is built in Ruby - a conscious choice for its great flexibility and developer friendliness. For some people, learning the language can feel difficult because most examples lack your perspective as a Chef practitioner. In this interactive webinar, we invite you to follow along in your favorite editor as we dive through the source code to teach you core Ruby concepts.

Join us to learn:
- Fundamental Ruby concepts and how they create the Recipe Domain Specific Language and the tools that power Chef
- Pry’s ability to navigate and query source code

Prerequisites:
Come with the Chef Development Kit installed

Who should attend:
Chefs with a basic understanding of writing recipes and cookbooks that want to gain a better understanding of the cookbooks they author and the tools that they employ each day.

During this webinar we'll discuss the different components of Chef Automate and talk about how it unifies Chef, Inspec, and Habitat into a comprehensive automation strategy for any company in today's digital world.

Join us to learn how:
- Workflow features provide a common pipeline for governance and dependency management.
- Visibility features give you deep insight into what’s happening in your organization, including serverless chef-client runs and data from multiple Chef servers.
- Compliance features enable automated compliance assessments in your workflow pipelines.

Healthcare organizations face increasing regulatory pressure to maintain compliance with HIPAA regulations, while also needing to significantly modernize their technology to comply with ACA, Meaningful Use, and other federal, state, and local requirements. At the same time, the Healthcare field has never had a better opportunity to increase personalized care, lower costs, and leverage technology for measurably better outcomes. Cloud computing offers nearly unlimited computing and storage capacity - but with great power comes great responsibility. The agility Healthcare is enjoying in the cloud comes with increased risk and exposure to security breaches due to lack of compliance with Healthcare regulations and industry best practices.

Cloudticity's HIPAA Compliance as a Service, using Chef's automated compliance capabilities on AWS, is a fully automated software-as-a-service solution. In this webinar, you will see firsthand how Cloudticity has mapped Chef's compliance CIS profiles directly to HIPAA CFR regulations, providing a powerful automated solution to leverage the cloud's agility while minimizing risk.

Habitat is an open-source framework that lets modern application teams build, deploy and manage their applications as portable artifacts that are independent of any particular infrastructure. Whether greenfield or legacy, applications that are packaged with Habitat have the intelligence to self-organize, self-configure and act autonomously. In other words, Habitat is automation that travels with the application.

Habitat addresses the problem of growing complexity, both in the application itself and in its management. At Chef, we think that the problem can be traced to the facts that the infrastructure stack dictates the design of the application and that the application’s automation comes after the fact. Habitat takes the opposite view and puts the application front and center. When an application is wrapped in a Habitat package, it has everything it needs to run in any environment, throughout its lifecycle.

This webinar will review some of the lessons we’ve learned from automating infrastructure and show you how to apply those successful patterns to application automation. You will learn how, with Habitat, application teams can defer decisions about the runtime until they are ready to deploy. Let Habitat handle application management, and concentrate on creating new features and services that delight customers.

This webinar is an overview of the Chef Server--how it’s designed, how it’s packaged, and general advice on operating it at scale (monitoring, troubleshooting, etc). We’ll talk about each of the Chef server components and how they fit together. Next, we’ll explain the Omnibus system, which lets you build native packages for different platforms. Finally, we’ll show you a few troubleshooting techniques.

Our goal is to give you the knowledge you need to maintain your own Chef server and to be ready for more challenging problems, such as how to plan for large scale deployments.

The infrastructure you manage with Chef is a complex machine. This complexity is mirrored in the cookbooks you develop and the data stored in your Chef server. It is an ongoing effort to keep track of the state of that machine and to keep up with all the functionality included in your (many) cookbooks. However, the right tools can help. With them, you can develop code faster, maintain cleaner code, and better understand your existing code.

In this webinar, Franklin Webber, Training and Technical Content Lead at Chef, will demonstrate how better editor and debugger tools can improve your work life. He’ll show you how the right text editor can make it easier to write code. Next, he’ll demonstrate how tools like Rake and Guard can consolidate tasks and automate tests. Finally, he’ll show you how Pry can help you to debug your recipes.

Chef Compliance lets you express your compliance rules as code. You can easily run those rules as tests whenever you want. You get immediate feedback on whether your servers are configured as they should be.

Chef Compliance scans your servers to see if they are configured in accordance with your rules and generates a report that identifies the issues it found. You can then use Chef to remediate those problems.

In this webinar, Joe Gardiner will demonstrate how Chef Compliance works by scanning a default installation of RHEL 7.0 on the public cloud to see if it is CIS compliant. After the scan identifies the problem areas, Joe will use Chef to bring the server in line with the CIS benchmarks.

You’ll also learn about an offer from Chef to help you perform a scan of your infrastructure and get you started on the road to compliance.

You’ve heard about Infrastructure as code and DevOps, but how do you actually make those ideas a reality in AWS? Use Chef. You may know Chef as a leader in configuration management, but you may not know that we have an entire set of tools you can use in AWS to enable an end-to-end DevOps workflow.

In this webinar, we’ll cover some of the latest Chef integrations with AWS. We’ll demonstrate how to use Chef via the AWS Marketplace, and explain the benefits of flexible consumption pricing. We’ll show some common deployment patterns you can incorporate into your own workflow. Then, you’ll learn how to use the AWS Lambda service to enable a function that automatically cleans up your Chef server as your EC2 nodes come in and out of service.

Lawyers are trained to mistrust what they don’t understand. This webinar features members of Chef’s legal and engineering leadership who will give real-life, “in the trenches” perspectives on using open-source software in large enterprises. Our goal is to reduce lawyers’ and procurement departments’ fear and loathing of open source licensing by providing a better understanding of why engineers use open source and how legal can work with engineering to provide guidelines and visibility into open source use.

As automation lightens the load on IT operations personnel, and the DevOps cultural shift brings dev and ops together, some ops people are worried about their jobs.

Furthermore, as DevOps takes hold, other roles in the organization are set to transform. DevOps potentially reworks project management methodologies, so what about the project managers? DevOps flattens organizations, so should middle managers be worried?

In this webinar, industry analyst and president of Intellyx Jason Bloomberg will set the stage with some broad observations about the organizational impact DevOps is having across enterprises.

Next, Pauly Comtois, VP of DevOps at Hearst Business Media will join Jason for a thought-provoking, in-depth discussion of how DevOps impacts individual's roles within the organization, with some first-person stories of Hearst Business Media’s DevOps transformation.

You will learn:
- Potential starting points to mapping your own DevOps transformation
- What non-technical groups and roles need to be part of any DevOps initiative – and methods for effective inclusion
- New organizational approaches to structure and collaboration that empower instead of threaten
- How to better manage business changes with DevOps strategies

We are IT automation for speed and awesomeness. We give you a model for automating IT infrastructure and applications that drive self-reliance across your development and operations teams. We are the Chef Community. We are tens of thousands strong. We are helping your businesses become faster, safer and more flexible, so you win in today's 24x7 digital economy. Join our movement today.